| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <58a9410a-62f2-5a35-2ce3-f5203912465e@grsecurity.net>
Date: Wed, 5 Apr 2023 20:31:50 +0200
From: Mathias Krause <minipli@...ecurity.net>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: x86/mmu: Refresh CR0.WP prior to checking for
emulated permission faults
On 05.04.23 16:36, Sean Christopherson wrote:
> On Wed, Apr 05, 2023, Mathias Krause wrote:
>> On 05.04.23 02:26, Sean Christopherson wrote:
>>> +void __kvm_mmu_refresh_passthrough_bits(struct kvm_vcpu *vcpu,
>>> + struct kvm_mmu *mmu)
>>> +{
>>> + const bool cr0_wp = kvm_is_cr0_bit_set(vcpu, X86_CR0_WP);
>>> +
>>> + BUILD_BUG_ON((KVM_MMU_CR0_ROLE_BITS & KVM_POSSIBLE_CR0_GUEST_BITS) != X86_CR0_WP);
>>
>>> + BUILD_BUG_ON((KVM_MMU_CR4_ROLE_BITS & KVM_POSSIBLE_CR4_GUEST_BITS));
>>
>> Just curious, this should assert that we don't run into similar issues
>> if we make more bits of CR4 guest owned?
>
> Yes? I'm not sure what you're asking. BUILD_BUG_ON() is a just more flexible
> version of stiatic_assert(); it only requires that the inputs be compile-time
> constants, not purely "static>
> he above throws an error at compile-time if there is new overlap between the
> CR{0,4} MMU role bits and the possible guest-owned bits. E.g. adding SMEP to the
> possible guest-owned CR4 bits yields:
Yes, I was just asking about the reasoning behind it as it, obviously,
isn't a problem with the current code. But I ran into it while doing
backports, so thanks for adding it :D
>
> [...]
Powered by blists - more mailing lists